PaymentHandler: Implement permission prompt when calling instruments.set
This patch is an initial implementation of the following spec change:
- https://github.com/w3c/payment-handler/issues/246
- https://chromium-review.googlesource.com/c/chromium/src/+/533193
This feature is still behind a runtime flag.
Bug: 665949
Change-Id: Ied225b89c7aed3a39955e49e9af2e4e3866a92c2
Reviewed-on: https://chromium-review.googlesource.com/914661
Reviewed-by: Jochen Eisinger <[email protected]>
Reviewed-by: Raymes Khoury <[email protected]>
Reviewed-by: Rouslan Solomakhin <[email protected]>
Reviewed-by: Kinuko Yasuda <[email protected]>
Commit-Queue: Jinho Bang <[email protected]>
Cr-Commit-Position: refs/heads/master@{#539499}
diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn
index 84217628..fb74c0336 100644
--- a/chrome/browser/BUILD.gn
+++ b/chrome/browser/BUILD.gn
@@ -994,6 +994,8 @@
"password_manager/password_store_win.cc",
"password_manager/password_store_win.h",
"password_manager/reauth_purpose.h",
+ "payments/payment_handler_permission_context.cc",
+ "payments/payment_handler_permission_context.h",
"payments/ssl_validity_checker.cc",
"performance_monitor/performance_monitor.cc",
"performance_monitor/performance_monitor.h",
diff --git a/chrome/browser/payments/OWNERS b/chrome/browser/payments/OWNERS
index 9e364d9..6b1ff54 100644
--- a/chrome/browser/payments/OWNERS
+++ b/chrome/browser/payments/OWNERS
@@ -1 +1,3 @@
-file://components/payments/OWNERS
\ No newline at end of file
+file://components/payments/OWNERS
+
+per-file payment_handler*[email protected]
diff --git a/chrome/browser/payments/payment_handler_permission_context.cc b/chrome/browser/payments/payment_handler_permission_context.cc
new file mode 100644
index 0000000..296aa57
--- /dev/null
+++ b/chrome/browser/payments/payment_handler_permission_context.cc
@@ -0,0 +1,24 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/payments/payment_handler_permission_context.h"
+
+#include "components/content_settings/core/common/content_settings_types.h"
+#include "third_party/WebKit/public/mojom/feature_policy/feature_policy.mojom.h"
+
+namespace payments {
+
+PaymentHandlerPermissionContext::PaymentHandlerPermissionContext(
+ Profile* profile)
+ : PermissionContextBase(profile,
+ CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER,
+ blink::mojom::FeaturePolicyFeature::kNotFound) {}
+
+PaymentHandlerPermissionContext::~PaymentHandlerPermissionContext() {}
+
+bool PaymentHandlerPermissionContext::IsRestrictedToSecureOrigins() const {
+ return true;
+}
+
+} // namespace payments
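Review bot: The base-class constructor call passes `blink::mojom::FeaturePolicyFeature::kNotFound` with no explanation, so a reader cannot tell whether leaving this permission outside feature policy is deliberate. If that value means what it appears to mean (no feature-policy check is applied), a request from an embedded frame is limited only by the secure-origin check and the stored content setting, which is worth stating. I would add above the constructor: `// No feature policy is associated with Payment Handler; requests are gated by the secure-origin check and the content setting only.` Separately, this file's copyright header says 2017 while the other two new files say 2018.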
diff --git a/chrome/browser/payments/payment_handler_permission_context.h b/chrome/browser/payments/payment_handler_permission_context.h
new file mode 100644
index 0000000..bdf45dc
--- /dev/null
+++ b/chrome/browser/payments/payment_handler_permission_context.h
@@ -0,0 +1,29 @@
+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_PAYMENTS_PAYMENT_HANDLER_PERMISSION_CONTEXT_H_
+#define CHROME_BROWSER_PAYMENTS_PAYMENT_HANDLER_PERMISSION_CONTEXT_H_
+
+#include "base/macros.h"
+#include "chrome/browser/permissions/permission_context_base.h"
+
+class Profile;
+
+namespace payments {
+
+class PaymentHandlerPermissionContext : public PermissionContextBase {
+ public:
+ explicit PaymentHandlerPermissionContext(Profile* profile);
+ ~PaymentHandlerPermissionContext() override;
+
+ private:
+ // PermissionContextBase
+ bool IsRestrictedToSecureOrigins() const override;
+
+ DISALLOW_COPY_AND_ASSIGN(PaymentHandlerPermissionContext);
+};
+
+} // namespace payments
+
+#endif // CHROME_BROWSER_PAYMENTS_PAYMENT_HANDLER_PERMISSION_CONTEXT_H_
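Review bot: `PaymentHandlerPermissionContext` has no class comment, so the header does not say which capability the permission guards or that it is limited to secure origins. Going by the commit description, a suitable comment above the class declaration would be `// Permission context for the Payment Handler API (prompted when a site calls instruments.set). Granted to secure origins only.`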
diff --git a/chrome/browser/payments/payment_handler_permission_context_unittest.cc b/chrome/browser/payments/payment_handler_permission_context_unittest.cc
new file mode 100644
index 0000000..9d8d285
--- /dev/null
+++ b/chrome/browser/payments/payment_handler_permission_context_unittest.cc
@@ -0,0 +1,141 @@
+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/payments/payment_handler_permission_context.h"
+
+#include <string>
+
+#include "base/bind.h"
+#include "base/macros.h"
+#include "build/build_config.h"
+#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
+#include "chrome/browser/permissions/permission_request_id.h"
+#include "chrome/test/base/chrome_render_view_host_test_harness.h"
+#include "chrome/test/base/testing_profile.h"
+#include "components/content_settings/core/browser/host_content_settings_map.h"
+#include "components/content_settings/core/common/content_settings.h"
+#include "components/content_settings/core/common/content_settings_types.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/test/mock_render_process_host.h"
+#include "content/public/test/web_contents_tester.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+#if defined(OS_ANDROID)
+#include "chrome/browser/infobars/infobar_service.h"
+#else
+#include "chrome/browser/permissions/permission_request_manager.h"
+#endif
+
+namespace {
+
+class TestPermissionContext : public payments::PaymentHandlerPermissionContext {
+ public:
+ explicit TestPermissionContext(Profile* profile)
+ : PaymentHandlerPermissionContext(profile),
+ permission_set_(false),
+ permission_granted_(false) {}
+
+ ~TestPermissionContext() override {}
+
+ bool permission_granted() { return permission_granted_; }
+
+ bool permission_set() { return permission_set_; }
+
+ void TrackPermissionDecision(ContentSetting content_setting) {
+ permission_set_ = true;
+ permission_granted_ = content_setting == CONTENT_SETTING_ALLOW;
+ }
+
+ private:
+ bool permission_set_;
+ bool permission_granted_;
+};
+
+} // anonymous namespace
+
+class PaymentHandlerPermissionContextTests
+ : public ChromeRenderViewHostTestHarness {
+ protected:
+ PaymentHandlerPermissionContextTests() = default;
+
+ private:
+ // ChromeRenderViewHostTestHarness:
+ void SetUp() override {
+ ChromeRenderViewHostTestHarness::SetUp();
+#if defined(OS_ANDROID)
+ InfoBarService::CreateForWebContents(web_contents());
+#else
+ PermissionRequestManager::CreateForWebContents(web_contents());
+#endif
+ }
+
+ DISALLOW_COPY_AND_ASSIGN(PaymentHandlerPermissionContextTests);
+};
+
+// PaymentHandler permission should be denied for insecure origin.
+TEST_F(PaymentHandlerPermissionContextTests, TestInsecureRequestingUrl) {
+ TestPermissionContext permission_context(profile());
+ GURL url("http://www.example.com");
+ content::WebContentsTester::For(web_contents())->NavigateAndCommit(url);
+
+ const PermissionRequestID id(
+ web_contents()->GetMainFrame()->GetProcess()->GetID(),
+ web_contents()->GetMainFrame()->GetRoutingID(), -1);
+ permission_context.RequestPermission(
+ web_contents(), id, url, true,
+ base::Bind(&TestPermissionContext::TrackPermissionDecision,
+ base::Unretained(&permission_context)));
+
+ EXPECT_TRUE(permission_context.permission_set());
+ EXPECT_FALSE(permission_context.permission_granted());
+
+ ContentSetting setting =
+ HostContentSettingsMapFactory::GetForProfile(profile())
+ ->GetContentSetting(url.GetOrigin(), url.GetOrigin(),
+ CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER,
+ std::string());
+ EXPECT_EQ(CONTENT_SETTING_ASK, setting);
+}
+
+// PaymentHandler permission status should be denied for insecure origin.
+TEST_F(PaymentHandlerPermissionContextTests, TestInsecureQueryingUrl) {
+ TestPermissionContext permission_context(profile());
+ GURL insecure_url("http://www.example.com");
+ GURL secure_url("https://www.example.com");
+
+ // Check that there is no saved content settings.
+ EXPECT_EQ(CONTENT_SETTING_ASK,
+ HostContentSettingsMapFactory::GetForProfile(profile())
+ ->GetContentSetting(
+ insecure_url.GetOrigin(), insecure_url.GetOrigin(),
+ CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER, std::string()));
+ EXPECT_EQ(CONTENT_SETTING_ASK,
+ HostContentSettingsMapFactory::GetForProfile(profile())
+ ->GetContentSetting(
+ secure_url.GetOrigin(), insecure_url.GetOrigin(),
+ CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER, std::string()));
+ EXPECT_EQ(CONTENT_SETTING_ASK,
+ HostContentSettingsMapFactory::GetForProfile(profile())
+ ->GetContentSetting(
+ insecure_url.GetOrigin(), secure_url.GetOrigin(),
+ CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER, std::string()));
+
+ EXPECT_EQ(CONTENT_SETTING_BLOCK,
+ permission_context
+ .GetPermissionStatus(nullptr /* render_frame_host */,
+ insecure_url, insecure_url)
+ .content_setting);
+
+ EXPECT_EQ(CONTENT_SETTING_BLOCK,
+ permission_context
+ .GetPermissionStatus(nullptr /* render_frame_host */,
+ secure_url, insecure_url)
+ .content_setting);
+
+ EXPECT_EQ(CONTENT_SETTING_BLOCK,
+ permission_context
+ .GetPermissionStatus(nullptr /* render_frame_host */,
+ insecure_url, secure_url)
+ .content_setting);
+}
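Review bot: Both tests cover only the rejection of insecure origins; nothing exercises the path this commit exists for, a secure origin that is prompted and whose decision is then stored. I would add a test that navigates to `https://www.example.com`, requests the permission with the prompt auto-accepted, and expects `permission_granted()` to be true and the stored setting to be `CONTENT_SETTING_ALLOW`. The mirror case for a refused prompt would presumably expect `CONTENT_SETTING_BLOCK`. In `TestInsecureQueryingUrl`, a one-line comment such as `// Either origin being insecure must yield BLOCK.` above the three `GetPermissionStatus` checks would explain why the mixed secure/insecure pairs are included.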
diff --git a/chrome/browser/payments/service_worker_payment_app_factory_browsertest.cc b/chrome/browser/payments/service_worker_payment_app_factory_browsertest.cc
index b259352..d49d36c 100644
--- a/chrome/browser/payments/service_worker_payment_app_factory_browsertest.cc
+++ b/chrome/browser/payments/service_worker_payment_app_factory_browsertest.cc
@@ -10,6 +10,7 @@
#include "base/command_line.h"
#include "base/run_loop.h"
#include "base/test/scoped_feature_list.h"
+#include "chrome/browser/permissions/permission_request_manager.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
@@ -56,12 +57,20 @@
command_line->AppendSwitch(switches::kIgnoreCertificateErrors);
}
+ PermissionRequestManager* GetPermissionRequestManager() {
+ return PermissionRequestManager::FromWebContents(
+ browser()->tab_strip_model()->GetActiveWebContents());
+ }
+
// Starts the test severs and opens a test page on alicepay.com.
void SetUpOnMainThread() override {
ASSERT_TRUE(StartTestServer("alicepay.com", &alicepay_));
ASSERT_TRUE(StartTestServer("bobpay.com", &bobpay_));
ASSERT_TRUE(StartTestServer("frankpay.com", &frankpay_));
ASSERT_TRUE(StartTestServer("georgepay.com", &georgepay_));
+
+ GetPermissionRequestManager()->set_auto_response_for_test(
+ PermissionRequestManager::ACCEPT_ALL);
}
// Invokes the JavaScript function install(|method_name|) in
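Review bot: With `ACCEPT_ALL` set in `SetUpOnMainThread`, every test in this fixture grants the prompt, so the case where the user refuses the payment-handler permission is never exercised; the `@@ -40,6 +46,9 @@` hunk in payment_request_payment_app_browsertest.cc has the same gap. I would add one test that overrides the response with `GetPermissionRequestManager()->set_auto_response_for_test(PermissionRequestManager::DENY_ALL);` and asserts that, presumably, the install step fails and no payment app is reported. The manager is also looked up for the tab that is active during setup, so a test that opens another tab would not get the auto-response. The fixture class begins and continues outside this hunk.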
diff --git a/chrome/browser/permissions/permission_manager.cc b/chrome/browser/permissions/permission_manager.cc
index a297be1..76ddcb4 100644
--- a/chrome/browser/permissions/permission_manager.cc
+++ b/chrome/browser/permissions/permission_manager.cc
@@ -20,6 +20,7 @@
#include "chrome/browser/media/midi_sysex_permission_context.h"
#include "chrome/browser/media/webrtc/media_stream_device_permission_context.h"
#include "chrome/browser/notifications/notification_permission_context.h"
+#include "chrome/browser/payments/payment_handler_permission_context.h"
#include "chrome/browser/permissions/permission_context_base.h"
#include "chrome/browser/permissions/permission_manager_factory.h"
#include "chrome/browser/permissions/permission_request_id.h"
@@ -117,6 +118,8 @@
return CONTENT_SETTINGS_TYPE_CLIPBOARD_READ;
case PermissionType::CLIPBOARD_WRITE:
return CONTENT_SETTINGS_TYPE_CLIPBOARD_WRITE;
+ case PermissionType::PAYMENT_HANDLER:
+ return CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER;
case PermissionType::NUM:
// This will hit the NOTREACHED below.
break;
@@ -298,6 +301,8 @@
std::make_unique<ClipboardReadPermissionContext>(profile);
permission_contexts_[CONTENT_SETTINGS_TYPE_CLIPBOARD_WRITE] =
std::make_unique<ClipboardWritePermissionContext>(profile);
+ permission_contexts_[CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER] =
+ std::make_unique<payments::PaymentHandlerPermissionContext>(profile);
}
PermissionManager::~PermissionManager() {
diff --git a/chrome/browser/permissions/permission_request.h b/chrome/browser/permissions/permission_request.h
index b093c8d..61522a7 100644
--- a/chrome/browser/permissions/permission_request.h
+++ b/chrome/browser/permissions/permission_request.h
@@ -44,6 +44,7 @@
PERMISSION_ACCESSIBILITY_EVENTS = 15,
PERMISSION_CLIPBOARD_READ = 16,
PERMISSION_SECURITY_KEY_ATTESTATION = 17,
+ PERMISSION_PAYMENT_HANDLER = 18,
// NUM must be the last value in the enum.
NUM
};
diff --git a/chrome/browser/permissions/permission_request_impl.cc b/chrome/browser/permissions/permission_request_impl.cc
index a716bb8..b6326c9 100644
--- a/chrome/browser/permissions/permission_request_impl.cc
+++ b/chrome/browser/permissions/permission_request_impl.cc
@@ -54,6 +54,9 @@
return IDR_ANDROID_INFOBAR_ACCESSIBILITY_EVENTS;
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
return IDR_ANDROID_INFOBAR_CLIPBOARD;
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ // TODO(zino): Should update this icon.
+ return IDR_ANDROID_INFOBAR_WARNING;
default:
NOTREACHED();
return IDR_ANDROID_INFOBAR_WARNING;
@@ -81,6 +84,9 @@
return vector_icons::kAccessibilityIcon;
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
return kContentPasteIcon;
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ // TODO(zino): Should update this icon.
+ return kProductIcon;
default:
NOTREACHED();
return kExtensionIcon;
@@ -116,6 +122,10 @@
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
message_id = IDS_CLIPBOARD_INFOBAR_TEXT;
break;
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ // TODO(zino): Should update this message.
+ message_id = IDS_CLIPBOARD_INFOBAR_TEXT;
+ break;
default:
NOTREACHED();
return base::string16();
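Review bot: The `CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER` case sets `message_id = IDS_CLIPBOARD_INFOBAR_TEXT`, so the prompt asks the user about clipboard access while the decision being recorded is for payment handlers; the `@@ -159,6 +169,10 @@` hunk does the same with `IDS_CLIPBOARD_PERMISSION_FRAGMENT`. A grant obtained under text that names a different capability is not informed consent, so this must not be reachable once the runtime flag is on by default. Until dedicated strings exist, I would make the TODO say so and tie it to the tracking bug: `// TODO(crbug.com/665949): Placeholder clipboard text; add a payment-handler string before the feature leaves its runtime flag.` The two icon hunks above are placeholders as well and could carry the same bug reference. The enclosing switch starts and ends outside the hunk.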
@@ -159,6 +169,10 @@
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
message_id = IDS_CLIPBOARD_PERMISSION_FRAGMENT;
break;
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ // TODO(zino): Should update this message.
+ message_id = IDS_CLIPBOARD_PERMISSION_FRAGMENT;
+ break;
default:
NOTREACHED();
return base::string16();
diff --git a/chrome/browser/permissions/permission_uma_util.cc b/chrome/browser/permissions/permission_uma_util.cc
index 7b267fd..fe1288a 100644
--- a/chrome/browser/permissions/permission_uma_util.cc
+++ b/chrome/browser/permissions/permission_uma_util.cc
@@ -100,6 +100,8 @@
return "ClipboardRead";
case PermissionRequestType::PERMISSION_SECURITY_KEY_ATTESTATION:
return "SecurityKeyAttestation";
+ case PermissionRequestType::PERMISSION_PAYMENT_HANDLER:
+ return "PaymentHandler";
default:
NOTREACHED();
return "";
@@ -491,6 +493,10 @@
UMA_HISTOGRAM_ENUMERATION("Permissions.Action.ClipboardRead", action,
PermissionAction::NUM);
break;
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ UMA_HISTOGRAM_ENUMERATION("Permissions.Action.PaymentHandler", action,
+ PermissionAction::NUM);
+ break;
// The user is not prompted for these permissions, thus there is no
// permission action recorded for them.
default:
diff --git a/chrome/browser/permissions/permission_util.cc b/chrome/browser/permissions/permission_util.cc
index 17bda92c..e8116fa 100644
--- a/chrome/browser/permissions/permission_util.cc
+++ b/chrome/browser/permissions/permission_util.cc
@@ -48,6 +48,8 @@
return "ClipboardRead";
case CONTENT_SETTINGS_TYPE_CLIPBOARD_WRITE:
return "ClipboardWrite";
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ return "PaymentHandler";
default:
break;
}
@@ -82,6 +84,8 @@
return "ACCESSIBILITY_EVENTS";
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
return "CLIPBOARD_READ";
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ return "PAYMENT_HANDLER";
default:
break;
}
@@ -109,6 +113,8 @@
return PermissionRequestType::PERMISSION_ACCESSIBILITY_EVENTS;
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
return PermissionRequestType::PERMISSION_CLIPBOARD_READ;
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
+ return PermissionRequestType::PERMISSION_PAYMENT_HANDLER;
default:
NOTREACHED();
return PermissionRequestType::UNKNOWN;
@@ -150,6 +156,8 @@
*out = PermissionType::ACCESSIBILITY_EVENTS;
} else if (type == CONTENT_SETTINGS_TYPE_CLIPBOARD_READ) {
*out = PermissionType::CLIPBOARD_READ;
+ } else if (type == CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER) {
+ *out = PermissionType::PAYMENT_HANDLER;
} else {
return false;
}
@@ -172,6 +180,7 @@
case CONTENT_SETTINGS_TYPE_SENSORS:
case CONTENT_SETTINGS_TYPE_ACCESSIBILITY_EVENTS:
case CONTENT_SETTINGS_TYPE_CLIPBOARD_READ:
+ case CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER:
return true;
default:
return false;
diff --git a/chrome/browser/ui/views/payments/payment_request_payment_app_browsertest.cc b/chrome/browser/ui/views/payments/payment_request_payment_app_browsertest.cc
index 35a05e68..2a9667cb 100644
--- a/chrome/browser/ui/views/payments/payment_request_payment_app_browsertest.cc
+++ b/chrome/browser/ui/views/payments/payment_request_payment_app_browsertest.cc
@@ -3,6 +3,7 @@
// found in the LICENSE file.
#include "base/macros.h"
+#include "chrome/browser/permissions/permission_request_manager.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
#include "chrome/browser/ui/views/payments/payment_request_browsertest_base.h"
@@ -33,6 +34,11 @@
features::kServiceWorkerPaymentApps);
}
+ PermissionRequestManager* GetPermissionRequestManager() {
+ return PermissionRequestManager::FromWebContents(
+ browser()->tab_strip_model()->GetActiveWebContents());
+ }
+
// Starts the test severs and opens a test page on alicepay.com.
void SetUpOnMainThread() override {
PaymentRequestBrowserTestBase::SetUpOnMainThread();
@@ -40,6 +46,9 @@
ASSERT_TRUE(StartTestServer("alicepay.com", &alicepay_));
ASSERT_TRUE(StartTestServer("bobpay.com", &bobpay_));
ASSERT_TRUE(StartTestServer("frankpay.com", &frankpay_));
+
+ GetPermissionRequestManager()->set_auto_response_for_test(
+ PermissionRequestManager::ACCEPT_ALL);
}
// Invokes the JavaScript function install(|method_name|) in
diff --git a/chrome/browser/ui/webui/site_settings_helper.cc b/chrome/browser/ui/webui/site_settings_helper.cc
index 36b5ef2..cf47f6894 100644
--- a/chrome/browser/ui/webui/site_settings_helper.cc
+++ b/chrome/browser/ui/webui/site_settings_helper.cc
@@ -75,6 +75,7 @@
{CONTENT_SETTINGS_TYPE_SOUND, "sound"},
{CONTENT_SETTINGS_TYPE_CLIPBOARD_READ, "clipboard"},
{CONTENT_SETTINGS_TYPE_SENSORS, "sensors"},
+ {CONTENT_SETTINGS_TYPE_PAYMENT_HANDLER, "payment-handler"},
// Add new content settings here if a corresponding Javascript string
// representation for it is not required. Note some exceptions, such as